Presentation is loading. Please wait.

Presentation is loading. Please wait.

INTERNAL CONTROLS Jim Arnette, CGFM, CISA

Published byHector Evans Modified over 7 years ago

Similar presentations

Presentation on theme: "INTERNAL CONTROLS Jim Arnette, CGFM, CISA"— Presentation transcript:

1 INTERNAL CONTROLS Jim Arnette, CGFM, CISA
AGA National President-Elect November 18, 2016

2 “Our government’s small…We don’t have any fraud risks.”
INTERNAL CONTROLS “Fraud just couldn’t happen here because all our employees are honest.” “Our government’s small…We don’t have any fraud risks.” “Implementing internal controls is too costly.” “Internal controls? That’s why we have insurance.” “Utilizing internal control procedures takes too much time.” “If we get audited every year, why do we need controls?”

3 INTERNAL CONTROLS

4 INTERNAL CONTROLS 191 Vendor Checks $200,000

5 FRAUD IN TENNESSEE Over 800 hotline contacts (via phone and website)
INTERNAL CONTROLS FRAUD IN TENNESSEE Over 800 hotline contacts (via phone and website) Approximately 130 fraud reporting forms $1,814,029 in cash shortages

6 INTERNAL CONTROLS

7 WHAT ARE INTERNAL CONTROLS?
Internal controls are methods put in place to provide reasonable assurance that the objectives of the governments will be achieved in operations, reporting, and compliance… Checks and balances that are in place to detect and to help prevent fraud… They keep things under control…

8 INTERNAL CONTROLS

9 HISTORY OF INTERNAL CONTROLS
1949 – Study published by the American Institute of Accountants 1950 – Accounting and Auditing Act GAO’s first revision of the Yellow Book 1982 – Federal Managers Financial Integrity Act 1983 – GAO establishes Standards for Internal Controls in the Federal Government – This was the Green Book… HISTORY OF INTERNAL CONTROLS

10 HISTORY OF INTERNAL CONTROLS
1984 – Single Audit Act 1992 – COSO releases the Internal Control Framework 2002 – Sarbanes Oxley Act 2004 – COSO Releases ERM – Enterprise risk management SAS Communicating Internal Control Matters Identified in an Audit

11 HISTORY OF INTERNAL CONTROLS
2013 – COSO Updates the Internal Control Integrated Framework 2014 – GAO Updates the Standards for Internal Controls in the Federal Government (Green Book) 2014 – OMB Uniform Grant Guidance 2015 – Fraud Reduction and Data Analytics Act – Requires OMB to establish guidelines for Federal agencies to use GAO’s Green Book to implement control activities related to fraud risk management HISTORY OF INTERNAL CONTROLS

12 WHY DO WE NEED INTERNAL CONTROLS?
Reduce opportunities for fraud and waste Help management make better informed decisions Establish performance standards Help ensure compliance with applicable laws, regulations, policies, and procedures Eliminate adverse publicity Protect government assets Promote effectiveness and efficiency of operations Ensure reliability of financial reporting Promote transparency and accountability PUBLIC TRUST

13 WHO’S RESPONSIBLE FOR INTERNAL CONTROLS?
Management Governing Board Audit Committees Internal Audit Function

14 COMMITTEE OF SPONSORING ORGANIZATIONS (COSO)
INTERNAL CONTROLS COMMITTEE OF SPONSORING ORGANIZATIONS (COSO) AICPA, American Accounting Association, Financial Executives International, Institute of Internal Auditors, and Institute of Management Accountants Released a report called “Internal Control – Integrated Framework in 1992 5 components of internal control In 2004, COSO released Enterprise Risk Management – An Integrated Framework (COSO II)

15 CONTROL ENVIRONMENT INTERNAL CONTROLS “Tone at the Top”
The most important component Management must set an example of professional integrity and ethical values Management has got to be knowledgeable about internal controls Management must be committed to establishing and maintaining internal controls Management must communicate their support for internal controls to their staff

16 RISK ASSESSMENTS INTERNAL CONTROLS
Inherent Risk - Some things are just inherently more risky than others...Most of the time an organization has no control over these types of risks...(Example: handling cash) Control Risk – This relates to the effectiveness of an organization’s internal control structure...Good internal controls reduces control risk Detection Risk – This is the measurement of how likely and how quickly a fraud or error will go undetected

17 INTERNAL CONTROLS

18 CONTROL ACTIVITIES INTERNAL CONTROLS
Nuts and bolts of internal control The day to day activities staff carry out in the course of their duties Actions an agency takes to respond to risks that are identified during the risk assessment Reduce a risk to an acceptable level Examples would be: issuing pre-numbered receipts and checks, reconciling bank statements, controlling access to credit cards, separate cash drawers for those responsible for collecting cash Not costly or difficult to implement

19 INFORMATION AND COMMUNICATION
INTERNAL CONTROLS INFORMATION AND COMMUNICATION Refers to the ability of an agency to produce and communicate accurate information (Example: Issuing financial statements that comply with GAAP) Requires hiring competent, trained staff who understand accounting and are knowledgeable of the accounting standards

20 MONITORING INTERNAL CONTROLS
Activity management performs to assess how effective their internal control system is functioning Can detect weaknesses and prompt corrective actions (Examples: surprise cash counts, examination of purchases to be sure all purchasing controls have been followed) Helps prevent the override of internal controls

21 TYPES OF CONTROLS INTERNAL CONTROLS
Preventive Controls – Steps you take before a fraud occurs (Examples: Segregation of duties, passwords to prevent unauthorized access to networks or applications, locks on doors, alarms) Detective Controls – Controls designed to find problems if a problem exists. They provide assurance that preventive controls are working (Examples: An inventory of assets, reconciliation of bank statements, an external audit) Corrective Controls – Controls designed to correct errors or the results of fraudulent activity once they’ve been detected

22 WHY INTERNAL CONTROLS DON’T WORK
No internal control system will provide absolute assurance whether they will allow an organization to meet their objectives without issues Internal control is implemented by humans and requires the use of their judgement in decision making…Humans are prone to mistakes and moral and ethical lapses Some internal controls just don’t work Management blindly trusts their employees Staff might not be up to speed on internal control policies There’s a cost vs. benefit - No organization has unlimited resources Sometimes internal controls are subject to management override There’s the possibility of collusion

23 INTERNAL CONTROLS “Never trust the people you cheat with. They’ll throw you under the bus.” Marianne Jennings, Ethics Professor, Arizona State University, Author “Three people can keep a secret if two are dead.” Ben Franklin, Founding Father

24 KEY POINTS TO REMEMBER INTERNAL CONTROLS
Internal control is the combination of people, policies, and procedures that organizations rely upon to obtain reasonable assurance that their government’s operating effectively The primary responsibility for internal control lies with management…But the governing body has the ultimate responsibility to be sure management is doing what they’re supposed to do External auditors rely on internal controls to support their audit opinions regarding the financial statements Audit committees and internal auditors support management and the governing body regarding internal control Reasonable assurance requires an internal control system that addresses the 5 components of internal control: control environment, risk assessment, control activities, information and communication, and monitoring Even the best system of internal control will fail in an unfavorable environment Risk assessment is not a one-time event…It’s an on-going process

25 AGA National President-Elect
AUDITOR / AUDITEE RELATIONS “Making government work better…” Jim Arnette AGA National President-Elect

Download ppt "INTERNAL CONTROLS Jim Arnette, CGFM, CISA"

Similar presentations

Internal Control Integrated Framework

Internal Control Integrated Framework
OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
Federal Audit Executive Council (FAEC) June 2012 Bi-Monthly Meeting Heather I. Keister Doris G. Yanger June 14, 2012 Green Book Update.

Federal Audit Executive Council (FAEC) June 2012 Bi-Monthly Meeting Heather I. Keister Doris G. Yanger June 14, 2012 Green Book Update.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Control and Accounting Information Systems

Control and Accounting Information Systems
2008 Financial Management Institute of Canada – Manitoba Chapter Professional Development Day Presented by: David R. Hancox, CIA, CGFM Co-Author: Government.

2008 Financial Management Institute of Canada – Manitoba Chapter Professional Development Day Presented by: David R. Hancox, CIA, CGFM Co-Author: Government.
Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.

Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.
INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.

INTERNAL AUDIT PROCESS Pre-Audit Presentation. OBJECTIVES OF PRESENTATION  Provide a basic understanding of internal audit  Provide a basic awareness.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
The University of California Strengthening Business Practices: The Language of Our Control Environment Dan Sampson Assistant Vice President Financial Services.

The University of California Strengthening Business Practices: The Language of Our Control Environment Dan Sampson Assistant Vice President Financial Services.

Similar presentations

Ads by Google